How one trusted employee defrauded a charity and how she got away with it for so long.
If your small business or organization maintains a paper checkbook, whether you typically use it or not, you could be at risk of check tampering fraud. Even if you believe your business or organization does not make any payments with paper checks, if there is a lack of oversight and internal control, it’s possible check fraud could be occurring.
How can a trusted employee get away with check tampering fraud? Take for example, a case that is well known in the fraud prevention community. A case involving a loving mother and wife who was seen as a giver in the community, worked as the executive secretary for a local charity. The woman, Melissa Robinson, who also volunteered at other organizations in her community, seemed an unlikely suspect in a fraud scheme.
In her role, Ms. Robinson had access to the organization’s checks as well as the ability to sign the checks. While there was a control in place that required two signatures for written checks, there was no oversight to ensure that this control was working effectively. This allowed Ms. Robinson to write checks to herself or to cash, and to sign her name and forge a second signature. No one in the organization reviewed the checks to verify the two signatures. Ms. Robinson would then record the amounts in the books as typical organizational expenses, so any review of the books would appear to be in line with the organization’s normal functions.
So, how did Ms. Robinson get away with committing fraud for five years and robbing her organization of over $60,000? She was a trusted employee. She and her family lived a modest lifestyle; there were no signs of her living beyond her means, which could have very easily been a red flag. Ms. Robinson paid her bills, paid for her children’s schooling, and even donated some of the stolen money to other organizations. On top of all that, the organization’s board of directors failed to do their due diligence by failing to have an annual independent audit performed—something that was required for each chapter of this international organization. With the initial lack of major red flags, and lack of an external audit, Ms. Robinson was free to write checks as she pleased.
The downfall of the fraud began when the organization’s financials began to show a decline, when the board and management had thought they had been doing well. This prompted a further look into what was going on. During board meetings, the board would ask to see Ms. Robinson’s manually kept books, however she would continually say that she forgot to bring them to the meeting. A red flag. The board remained on her side because she was trusted. A second red flag came when she refused to switch from manual checks to a computer system for paying bills. Again, the board did not object or push her further. In the year that she was caught, a new board of directors was elected that demanded the books from Ms. Robinson. The altered and missing checks were finally discovered.
You may have a similar employee in your organization. Someone in whom you put your trust to maintain your books, make sure the bills are paid, and to make sure you have enough inventory to keep your organization running. Is it possible that this trusted employee is committing fraud? You would hope not. There are simple controls you can implement to prevent, or at least deter, someone from stealing from your business or organization. One of the key factors in the fraud triangle is opportunity. Given the opportunity, even the most trusted employee might find no harm in taking “just enough” to pay their bills this month. Once they have committed this fraud once, it becomes easier to rationalize the action again and to take “only what they need.” It’s not long before the fraud spirals out of control.
Following are some simple controls your business or organization can implement to deter and prevent check tampering fraud:
- Sequence checks every month using the bank statement. If there are missing checks in the sequence, ask your employee to see the physical check. All voided checks need to be retained. If a physical check is missing, contact your bank for a stop payment.
- Bank reconciliations should be done as soon as the bank statement is received and should be done by a person who does not have signing power.
- Segregate the signatory on the check from the person writing the check. One person should not have the ability to do both.
- A second manager, owner, or board member should review and sign off on all checks written. Upon review of the bank statements, investigate each check written to determine that there has been proper authorization.
Don’t forgo your organization’s annual independent audit. Although an audit by a qualified CPA firm cannot be relied upon to detect fraud, it may serve as a deterrent as the auditors will certainly ask questions about disbursements. Additionally, the auditor is required to gain an understanding of the organization’s internal control. This process often results in recommendations to strengthen internal control to prevent and detect fraud before becoming a victim. R&A can help! Contact us to discuss your organization’s internal control and audit needs.